The subject matter disclosed herein relates to computer system security credentials, and more particularly, to change management associated with security credentials.
In some cases, a service or computer system access requires that remote client devices present appropriate security credentials (e.g., a username and password). Moreover, the security credentials might occasionally be changed. For example, enterprise security guidelines may require that a password is changed for a newly created user. Similarly, passwords of existing users might need to be changed after a certain period of time (e.g., every three months) to enhance security. As still another example, a credential might need to be changed when an enterprise suspects that it has become known to unauthorized users (e.g., after a computer system is “hacked”).
Note that a service or computer system might be used by a substantial number of consumers. Moreover, in some systems a password might be securely stored locally at a consumer device (e.g., to allow for automatic calls of the service). Further, consumers might typically call a service at regular intervals and/or upon an occurrence of an event, and that such calls might occur at a relatively high frequency.
When the password of a service is changed, the new password must be provided to all consumers (otherwise they will not be able to logon). Because consumers might be calling the service automatically, potentially at a high frequency, a situation can arise where a service receives a call with an invalid password (that is, an old password instead of a new password). Some systems also have a “failed-login-counter” such that an account may be automatically disabled after a number of failed login attempts exceeds a pre-determined threshold value (e.g., an account might be suspended after five unsuccessful login attempts).
Thus, when a single service is used by several consumers with a high frequency, a password change for the service might inadvertently lead to a locked account if a new password is not provided quickly enough to all consumers. It would therefore be desirable to provide systems and methods to facilitate management of security credential changes in an accurate and efficient fashion.